[prev in list] [next in list] [prev in thread] [next in thread]
List: secure-shell
Subject: Re: SSH password authentication failure
From: Andrew <andrew () arda ! homeunix ! net>
Date: 2002-09-26 21:36:34
[Download RAW message or body]
If I understand correctly, you've compiled and installed a new version
of OpenSSL. Have you stopped and started the sshd process since then? Is
OpenSSH linking dynamically to OpenSSL libraries? Try running
ldd /path/to/sshd
You should see sshd linked to libcrypto among other things if it is
dynamically linked.
Debug output from your connection attempt would definitly help.
Andrew
Catherine Pinatiello wrote:
> Hello,
>
> Running OpenSSH 3.4p1 on Redhat 7.2.
>
> Today I found out we were vulnerable to the OpenSSL worm on port 2002 so
> I went through, cleaned the system and installed a new version of OpenSSL.
>
> After a server reboot OpenSSH came up not allowing connections to
> authenticate. I will try to login, and it will tell me: "Permission
> denied. Please try again." I try again until it errors out with:
>
> Permission denied (publickey,password,keyboard-interactive).
>
> I checked, and yes Pam is still installed correctly with the
> /etc/pam.d/sshd file intact exactly the way it should be:
>
> #%PAM-1.0
> auth required /lib/security/pam_stack.so service=system-auth
> auth required /lib/security/pam_nologin.so
> account required /lib/security/pam_stack.so service=system-auth
> password required /lib/security/pam_stack.so service=system-auth
> session required /lib/security/pam_stack.so service=system-auth
> session required /lib/security/pam_limits.so
> session optional /lib/security/pam_console.so
>
> And yes, openSSH is configured to use md5 passwords otherwise it
> wouldn't have worked in the first place.
>
> I can post a verbose debug if it helps.
>
> When I look at /var/log/secure it says:
> "User admin not allowed because not listed in AllowUsers"
>
> Although, in /etc/ssh/sshd_config, that user is indeed listed for
> AllowUsers, as is other users I've tried to connect with. All have
> failed with the same message.
>
> Is there something I'm missing...?? I've tried reinstalling the same
> version of OpenSSH, all to no avail - nothing has changed.
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic